<?php
/*******************************************************************************
 * @filename: users_controller.php
 *
 * @author: immer_baldos
 *
 * @description: controller for user model
 *
 * @history:
 *
 *   VERSION   DATE                   BY          NOTES
 *  ---------------------------------------------------------------
 *     1.0     September  9, 2009     immer       initial bake
 *
 *     2.0     September 18, 2009     immer       implement the following methods
 *                                                  login,logout,changepass
 *                                                enable authentication
 *                                                removed admin routes
 *
 *     3.0     September 21, 2009     immer       add user role selection for
 *                                                  add(),edit(),changepass()
 *
 ******************************************************************************/

class UsersController extends AppController {

	var $name = 'Users';
	var $helpers = array('Html', 'Form');
    var $components = array('Auth','Cookie', 'Session');

    //auth methods
    function login() {
    }

    //auth methods
    function logout() {
        $this->Auth->logout();
        $this->redirect('/');
    }

	function index() {
		$this->User->recursive = 0;
		$this->set('users', $this->paginate());
	    if ($this->Auth->user('role') != 'admin'){
            $this->redirect('/');
        }
	}

	function view($id = null) {
		if (!$id) {
			$this->Session->setFlash(__('Invalid User.', true));
			$this->redirect(array('action'=>'index'));
		}
		$this->set('user', $this->User->read(null, $id));
	    if ($this->Auth->user('role') != 'admin'){
            $this->redirect('/');
        }
	}

	function add() {
	    //add list of customers to view
	    $this->loadModel('Customer');
	    $custQuery = $this->Customer->find('all');
	    $custList[0]="     ";
        foreach ($custQuery as $value){
            $custList[$value['Customer']['id']]=$value['Customer']['name'];
        }
	    $this->set('customer', $custList);

        //save logic
		if (!empty($this->data)) {

    	    switch ($this->data['User']['role']){
    	        case 0:$this->data['User']['role']='admin'         ;break;
    	        case 1:$this->data['User']['role']='finance'       ;break;
    	        case 2:$this->data['User']['role']='collector'     ;break;
    	        case 3:$this->data['User']['role']='product office';break;
    	        case 4:$this->data['User']['role']='sales'         ;break;
    	       default:$this->data['User']['role']='customer'      ;break;
    	    }


		    if ($this->data['User']['role'] == 'customer' && $this->data['User']['customer_id'] == 0){
                //do not save when customer_id not specified
		        $this->Session->setFlash(__('A User with a customer role should have a valid customer id.', true));
		    }else{
		        //save
    			$this->User->create();
    			if ($this->User->save($this->data)) {
    				$this->Session->setFlash(__('The User has been saved.', true));
    				$this->redirect(array('action'=>'index'));
    			} else {
    				$this->Session->setFlash(__('The User could not be saved. Please, try again.', true));
    			}
		    }
		}
	    if ($this->Auth->user('role') != 'admin'){
            $this->redirect('/');
        }
	}

	function edit($id = null) {
		if (!$id && empty($this->data)) {
			$this->Session->setFlash(__('Invalid User', true));
			$this->redirect(array('action'=>'index'));
		}

		if (!empty($this->data)) {
			$orig = $this->User->read(null, $id);

    	    switch ($this->data['User']['role']){
    	        case 0:$this->data['User']['role']='admin'         ;break;
    	        case 1:$this->data['User']['role']='finance'       ;break;
    	        case 2:$this->data['User']['role']='collector'     ;break;
    	        case 3:$this->data['User']['role']='product office';break;
    	        case 4:$this->data['User']['role']='sales'         ;break;
    	       default:$this->data['User']['role']='customer'      ;break;
    	    }

            //preserve password on edit
            $this->data['User']['password']=$orig['User']['password'];

			if ($this->User->save($this->data)) {
				$this->Session->setFlash(__('The User has been saved.', true));
				$this->redirect(array('action'=>'index'));
			} else {
				$this->Session->setFlash(__('The User could not be saved. Please, try again.', true));
			}
		}

		if (empty($this->data)) {
			$this->data = $this->User->read(null, $id);

            if($this->data['User']['role'] == 'admin'){
                $myRole=0;
            }else if($this->data['User']['role'] == 'finance'){
                $myRole=1;
            }else if($this->data['User']['role'] == 'collector'){
                $myRole=2;
            }else if($this->data['User']['role'] == 'product officer'){
                $myRole=3;
            }else if($this->data['User']['role'] == 'sales'){
                $myRole=4;
            }else {
                $myRole=5;
            }
            //convert roles to temporary list for view
            $this->set('trole', $myRole);
		}


	    if ($this->Auth->user('role') != 'admin'){
            $this->redirect('/');
        }
	}

	function changepass($id = null) {
		if (!$id && empty($this->data)) {
			$this->Session->setFlash(__('Invalid User: '.$id, true));
			$this->redirect('/');
		}
		if (!empty($this->data)) {
		    //confirm second password field
		    if ($this->data['User']['password'] != $this->data['User']['password2']){
		        $this->Session->setFlash(__('Passwords Do Not Match.', true));
    		    $this->redirect(array('action'=>'changepass',$this->data['User']['id']));
		    }

		    //hash the password
		    $this->data['User']['password']=$this->Auth->password($this->data['User']['password']);
    	    switch ($this->data['User']['role']){
    	        case 0:$this->data['User']['role']='admin'         ;break;
    	        case 1:$this->data['User']['role']='finance'       ;break;
    	        case 2:$this->data['User']['role']='collector'     ;break;
    	        case 3:$this->data['User']['role']='product office';break;
    	        case 4:$this->data['User']['role']='sales'         ;break;
    	       default:$this->data['User']['role']='customer'      ;break;
    	    }

            //save
			if ($this->User->save($this->data)) {
				$this->Session->setFlash(__('Password Changed.', true));
				if ($this->Auth->user('role') == 'admin'){
				    $this->redirect(array('action'=>'index'));
				}
				$this->redirect('/');
			} else {
				$this->Session->setFlash(__('Error Changing Password', true));
			}
		}
		if (empty($this->data)) {
			$this->data = $this->User->read(null, $id);

			//pre-load old password field
		    $this->data['User']['old_password']=$this->data['User']['password'];

            if($this->data['User']['role'] == 'admin'){
                $myRole=0;
            }else if($this->data['User']['role'] == 'finance'){
                $myRole=1;
            }else if($this->data['User']['role'] == 'collector'){
                $myRole=2;
            }else if($this->data['User']['role'] == 'product officer'){
                $myRole=3;
            }else if($this->data['User']['role'] == 'sales'){
                $myRole=4;
            }else {
                $myRole=5;
            }

            $this->set('role', $myRole);

		}

	}

	function delete($id = null) {
		if (!$id) {
			$this->Session->setFlash(__('Invalid id for User', true));
			$this->redirect(array('action'=>'index'));
		}
		if ($this->User->del($id)) {
			$this->Session->setFlash(__('User deleted', true));
			$this->redirect(array('action'=>'index'));
		}
	    if ($this->Auth->user('role') != 'admin'){
            $this->redirect('/');
        }
	}

}
?>